Skip to main content
United States flag An official website of the United States government
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Show

NCUA: Be Sure Your Cyber Defenses are Ready

May 2017
NCUA: Be Sure Your Cyber Defenses are Ready

ALEXANDRIA, Va. (May 22, 2017) – In the wake of the “WannaCry” global ransomware attack, the National Credit Union Administration reminds federally insured credit unions to verify they have effective controls in place to prevent similar attacks.

NCUA provides credit unions with extensive information on protecting systems, cybersecurity preparedness, and ransomware defense strategies at its Cybersecurity Resource Center.

The WannaCry attack hit more than 300,000 victims in more than 150 nations, disrupting critical infrastructure, like healthcare, in some countries. This attack paired malware designed to exploit known Windows vulnerabilities with ransomware to infiltrate and encrypt data on affected systems. Systems using supported versions of Windows with up-to-date security patches were not affected. Affected organizations with robust incident response and system backup practices were capable of recovering with limited impact. Strong basic cyber hygiene practices can prevent infection by most types of ransomware. 

This attack was designed to spread to new machines and systems and did not require a user to perform an action like opening an email attachment in order to spread the ransomware. Although the attack has so far had limited impact in the United States, NCUA expects to see similar and increasingly sophisticated attacks of this nature. That is why it is essential that federally insured credit unions validate their cyber defenses, especially those practices that can prevent attacks like WannaCry from affecting their systems in the future. 

Last modified on